auth

Paddy 2015-03-07 Parent:bc842183181d Child:cf6c1f05eb21

auth/request.go

Return client Secrets when listing clients with basic auth. If the request to list clients is sent with basic auth containing the login and password for the owner of the client, its secret is not removed from the response before sending it.

Download raw file

View source Diff to previous Annotate

1 package auth

3 import (

4 "encoding/json"

5 "log"

6 "net/http"

8 "bitbucket.org/ww/goautoneg"

9 )

11 const (

12 requestErrAccessDenied = "access_denied"

13 requestErrInsufficient = "insufficient"

14 requestErrOverflow = "overflow"

15 requestErrInvalidValue = "invalid_value"

16 requestErrInvalidFormat = "invalid_format"

17 requestErrMissing = "missing"

18 requestErrNotFound = "not_found"

19 requestErrConflict = "conflict"

20 requestErrActOfGod = "act_of_god"

21 )

23 var (

24 actOfGodResponse = response{Errors: []requestError{requestError{Slug: requestErrActOfGod}}}

25 invalidFormatResponse = response{Errors: []requestError{requestError{Slug: requestErrInvalidFormat, Field: "/"}}}

27 encoders = []string{"application/json"}

28 )

30 type response struct {

31 Errors []requestError `json:"errors,omitempty"`

32 Logins []Login `json:"logins,omitempty"`

33 Profiles []Profile `json:"profiles,omitempty"`

34 Clients []Client `json:"clients,omitempty"`

35 Endpoints []Endpoint `json:"endpoints,omitempty"`

36 }

38 type requestError struct {

39 Slug string `json:"error,omitempty"`

40 Field string `json:"field,omitempty"`

41 Param string `json:"param,omitempty"`

42 Header string `json:"header,omitempty"`

43 }

45 func negotiate(h http.Handler) http.Handler {

46 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

47 if r.Header.Get("Accept") != "" {

48 contentType := goautoneg.Negotiate(r.Header.Get("Accept"), encoders)

49 if contentType == "" {

50 w.WriteHeader(http.StatusNotAcceptable)

51 w.Write([]byte("Unsupported content type requested: " + r.Header.Get("Accept")))

52 return

53 }

54 }

55 h.ServeHTTP(w, r)

56 })

57 }

59 func encode(w http.ResponseWriter, r *http.Request, status int, resp response) {

60 contentType := goautoneg.Negotiate(r.Header.Get("Accept"), encoders)

61 w.Header().Set("content-type", contentType)

62 w.WriteHeader(status)

63 var err error

64 switch contentType {

65 case "application/json":

66 enc := json.NewEncoder(w)

67 err = enc.Encode(resp)

68 default:

69 enc := json.NewEncoder(w)

70 err = enc.Encode(resp)

71 }

72 if err != nil {

73 log.Println(err)

74 }

75 }

77 func decode(r *http.Request, target interface{}) error {

78 defer r.Body.Close()

79 switch r.Header.Get("Content-Type") {

80 case "application/json":

81 dec := json.NewDecoder(r.Body)

82 return dec.Decode(target)

83 default:

84 dec := json.NewDecoder(r.Body)

85 return dec.Decode(target)

86 }

87 }

89 func wrap(context Context, f func(w http.ResponseWriter, r *http.Request, context Context)) http.Handler {

90 return negotiate(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

91 f(w, r, context)

92 }))

93 }